LayerZero said the Lazarus Group attacked internal RPCs used by the LayerZero Labs DVN and poisoned their source of truth while an external RPC provider was simultaneously DDoS’d. The protocol itself was described as unaffected, but the incident impacted a single application, representing 0.14% of applications and about 0.36% of asset value on LayerZero. LayerZero attributed risk to allowing its DVN to operate as a 1/1 DVN for high-value transactions, creating a single point of failure. The company recommended pinned configurations, higher block confirmations, and DVN sets with at least two parties, preferably three to five.